Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,344 vulnerabilities with CWE-352

CVE-2024-6719 HIGH

Offload Videos < 1.0.1 - Cross-Site Request Forgery in Settings Update

CVE-2024-12750 MEDIUM

Competition Form < 2.0 - Cross-Site Request Forgery in Settings Update

CVE-2024-12301 MEDIUM

JSP Store Locator < 1.0 - Cross-Site Request Forgery

CVE-2024-12282 MEDIUM

wp-connect < 2.5.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-11719 MEDIUM

tarteaucitron-wp < 0.3.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-11373 MEDIUM

Connexion Logs < 3.0.2 - Cross-Site Request Forgery in Settings Update

CVE-2024-10677 MEDIUM

Bluetrait Blue Trait Event Viewer < 2.0.2 - CSRF

CVE-2024-10634 MEDIUM

Nokaut Offers Box < 1.4.0 - Cross-Site Request Forgery in Settings Update

CVE-2024-11142 HIGH

Proticaret < 6.0 - Cross-Site Request Forgery

CVE-2024-13338 MEDIUM

Clearfy Cache < 2.3.1 - Cross-Site Request Forgery via wclearfy_cache_delete Functionality

CVE-2024-13337 MEDIUM

Clearfy Cache - WordPress optimization plugin <2.3.2 - CSRF

CVE-2024-8243 MEDIUM

WordPress/Plugin Upgrade Time Out Plugin <1.0 - CSRF

CVE-2024-6860 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Permalink Suffix Settings

CVE-2024-6857 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Script Settings Update

CVE-2024-41795 MEDIUM

SENTRON 7KT PAC1260 Data Manager - Cross-Site Request Forgery

CVE-2024-11071 HIGH

Cyberdigm DestinyECM - Cross-Site Request Forgery via JSON Hijacking

CVE-2024-56474 MEDIUM

IBM TXSeries for Multiplatforms <9.1, 11.1 - CSRF

CVE-2024-13146 HIGH

Booknetic < 4.1.5 - Cross-Site Request Forgery via Staff Account Creation

CVE-2024-13710 MEDIUM

Estatebud - Properties & Listings <5.5.0 - CSRF

CVE-2024-13118 MEDIUM

IP Based Login < 2.4.1 - Cross-Site Request Forgery via Log Deletion

CVE-2024-13768 MEDIUM

WordPress Use Custom Fonts <4.2 - CSRF

CVE-2024-9847 HIGH

flatpress < 1.4 - Cross-Site Request Forgery via Plugin Toggle Action

CVE-2024-9365 MEDIUM

polyaxon/polyaxon v2.4.0 - Cross-Site Request Forgery

CVE-2024-9311 MEDIUM

haotian-liu/llava v1.2.0 - Unauthenticated Cross-Site Request Forgery and Arbitrary File Upload

CVE-2024-8736 MEDIUM

lollms_web_ui V12 - Denial of Service via CSRF Boundary Parsing in File Upload Endpoints

Previous Page 89 of 374 Next

Details

Vulnerabilities 9,344

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy